UNPKG

signal-channel

Version:

A signal channel that empowers webrtc

github.com/Raynos/signal-channel

Raynos/signal-channel

244 lines (164 loc) 6.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
# scuttlebutt <img src=https://secure.travis-ci.org/dominictarr/scuttlebutt.png?branch=master> A base class that makes implementing datastructures for real-time replication easy. This seems like a silly name, but I assure you, this is real science. read this: http://www.cs.cornell.edu/home/rvr/papers/flowgossip.pdf or if you are lazy: http://en.wikipedia.org/wiki/Scuttlebutt (laziness will get you nowhere, btw) ## Usage Users may implement a subclass of thier own data model. two implementations are provided [scuttlebutt/model](#scuttlebuttmodel) and [scuttlebutt/events](#scuttlebuttevents) also [crdt](https://github.com/dominictarr/crdt) for a subclass with a more high-level data model. ### Replication Any Scuttlebutt subclass is replicated with createStream. ``` js var s = new Scuttlebutt() var z = new Scuttlebutt() var zs = z.createStream() zs.pipe(s.createStream()).pipe(zs) ``` subclasses must implement at least `history` and `applyUpdate` ### Persistence persist by saving to at least one writable stream. ``` js var Model = require('scuttlebutt/model') //or some other subclass... var fs = require('fs') var m = new Model() //stream FROM disk. fs.createReadStream(file).pipe(m.createWriteStream()) //stream TO disk. m.on('sync', function () { m.createReadStream().pipe(fs.createWriteStream(file)) }) ``` use `on('sync',...` to wait until the persisted state is in the file before writing to disk. (make sure you rotate files, else there is a edge case where if the process crashes before the histroy has been written then some data will be lost /*this is where link to module for that will go*/) use you may use [kv](https://github.com/dominictarr/kv) to get streams to local storage. ## API ### Scuttlebutt#history(sources) `sources` is a hash of source_ids: timestamps. history must return an array of all known events from all sources That occur after the given timestamps for each source. The array MUST be in order by timestamp. ``` js { A: 0, B: 2, C: 3 } ``` ### Scuttlebutt#applyUpdate (update) Possibly apply a given update to the subclasses model. return true if the update was applied. (see scuttlebutt/model.js for an example of a subclass that does not apply every update) ### Scuttlebutt#createStream (opts) Create a duplex stream to replicate with a remote endpoint. The stream returned here emits a special `'header'` event with the id of the local and remote nodes and the vector clock. You can set metadata on the header object using `opts.meta`. #### Examples ``` js var Model = require('scuttlebutt/model') var a = new Model() var b = new Model() a.set(key, value) b.on('update', console.log) var s = a.createStream() s.pipe(b.createStream()).pipe(s) ``` ### scuttlebutt/events A Reliable event emmitter. Multiple instances of an emitter may be connected to each other and will remember events, so that they may be resent after a disconnection or crash. With this approach it is also possible to persist events to disk, making them durable over crashes. ``` js var Emitter = require('scuttlebutt/events') var emitter = new Emitter() ``` #### emit (event, data) emit an event. only one argument is permitted. #### on (event, listener) add an event listener. ### scuttlebutt/model A replicateable `Model` object. ``` js var Model = require('scuttlebutt/model') var model = new Model() ``` #### get (key) Get a property #### set (key, value) Set a property #### on('update', function (key, value, source)) Emmitted when a property changes. If `source !== this.id` then it was a remote update. ## Protocol Messages are sent in this format: ``` js [key, value, timestamp, source] ``` `source` is the id of the node which originated this message. timestamp is the time when the message was created. this message is created using `Scuttlebutt#localUpdate(key, value)` When two `Scuttlebutts` are piped together, they both exchange their current list of sources. this is an object of `{source_id: latest_timestamp_for_source_id}` after receiving this message, `Scuttlebutt` sends any messages not yet known by the other end. This is the heart of Scuttlebutt Reconciliation. ## Security Scuttlebutt has an (optional) heavy duty security model using public keys. This enables a high level of security even in peer-to-peer applications. You can be sure that a given message is from the node that sent it, even if you did not receive the messasge from them directly. ## Enabling Security ``` js var model = require('scuttlebutt/model') var security = require('scuttlebutt/security') var keys = {} var m = new Model(security(keys, PRIVATE, PUBLIC)) ``` ## Security API When security is enabled, each scuttlebutt message is signed with a private key. It is then possible for any Scuttlebutt instance to be confidant about the authenticity of the message by verifying it against the source's public key. This is possible even if the verifying node received the message from in intermediate node. Security is activated by passing in a security object to the contructor of a Scuttlebutt subclass. Use the included implementation: ``` js var security = require('scuttlebutt/security')(keys, PRIVATE, PUBLIC) var Model = require('scuttlebutt/model') var m = new Model(security) ``` See [scuttlebutt/security.js](https://github.com/dominictarr/scuttlebutt/blob/master/security.js) for a simple example implementation. `sign(update)` should sign the `update` with the instance's private key. `verify(update, cb)` should verify the update, using public key associated with the `source` field in the update. Verification may be asyncronous. `verify` must callback `cb(err, boolean)` where boolean indicates whether or not the signature is valid. only callback in error in the most extreme circumstances. If there was no known key for the required source then that should be treated as a verification failure. If it is not possible to reach the key database (or whatever) then the request should be retried until it is available. > Note: although the API supports asyncronous verification, > it's probably a good idea to load keys into memory so that messages can be verified > and signed syncronously. `createId()` returns a new id for the current node. This is used in the example security implementation to return a id that is a hash of the public key. This makes it impossible for rogue nodes to attempt to associate a old node id with a new public key. ## Generating Keys. generate an ssh private key, and a PEM encoded public key. ``` ssh-keygen -f $KEYNAME -b $LENGTH -N $PASSWORD -q ssh-keygen -e -f $KEYNAME.pub -m PEM > $KEYNAME.pem ``` `$LENGTH` must be `>= 786`, shorter is faster but less secure. password may be empty `''`. `$KEYNAME` is the private key, and `$KEYNAME.pem` is the public key to use with Scuttlebutt.